Class SecuritySupport
- java.lang.Object
  - com.sun.enterprise.server.pluggable.SecuritySupport
- Direct Known Subclasses:
- SecuritySupportImpl
@Contract public abstract class SecuritySupport extends Object
SecuritySupport is part of PluggableFeature that provides access to internal services managed by the application server. SecuritySupport deals with loading, caching and providing access to key stores and trust stores, including their managers.
This is mainly used via the com.sun.enterprise.security.ssl.SSLUtils facade, though various other classes, such as the BaseContainerCallbackHandler, use this directly.
- Author:
- Shing Wai Chan
-
Field Summary
Modifier and Type, Field:
static String additionalKeyStoreProp
static String additionalTrustStoreProp
static String KEYSTORE_PASS_PROP
static String KEYSTORE_TYPE_PROP
static String keyStoreProp
static String TRUSTSTORE_PASS_PROP
static String TRUSTSTORE_TYPE_PROP
static String trustStoreProp
-
Constructor Summary
SecuritySupport()
-
Method Summary
Modifier and Type, Method, Description:
abstract void checkPermission(String key)
Check permission for the given key.
static SecuritySupport getDefaultInstance()
abstract KeyManager[] getKeyManagers(String algorithm)
abstract KeyStore getKeyStore(String token)
abstract KeyStore[] getKeyStores()
This method returns an array of keystores containing keys and certificates.
abstract PrivateKey getPrivateKeyForAlias(String alias, int keystoreIndex)
Gets the PrivateKey for the specified alias from the corresponding keystore indicated by the index.
abstract String[] getTokenNames()
This method returns an array of token names in order corresponding to the array of keystores.
abstract TrustManager[] getTrustManagers(String algorithm)
abstract KeyStore getTrustStore(String token)
abstract KeyStore[] getTrustStores()
This method returns an array of truststores containing certificates.
abstract KeyStore loadNullStore(String type, int index)
void reset()
Resets the security instance by effectively re-initializing it.
abstract void synchronizeKeyFile(Object configContext, String fileRealmName)
TODO:V3:Cluster ConfigContext is no longer present so find out what this needs to be
abstract boolean verifyMasterPassword(char[] masterPass)
-
Field Detail
-
KEYSTORE_PASS_PROP
public static final String KEYSTORE_PASS_PROP
- See Also:
- Constant Field Values
-
TRUSTSTORE_PASS_PROP
public static final String TRUSTSTORE_PASS_PROP
- See Also:
- Constant Field Values
-
KEYSTORE_TYPE_PROP
public static final String KEYSTORE_TYPE_PROP
- See Also:
- Constant Field Values
-
TRUSTSTORE_TYPE_PROP
public static final String TRUSTSTORE_TYPE_PROP
- See Also:
- Constant Field Values
-
keyStoreProp
public static final String keyStoreProp
- See Also:
- Constant Field Values
-
additionalKeyStoreProp
public static final String additionalKeyStoreProp
- See Also:
- Constant Field Values
-
trustStoreProp
public static final String trustStoreProp
- See Also:
- Constant Field Values
-
additionalTrustStoreProp
public static final String additionalTrustStoreProp
- See Also:
- Constant Field Values
-
Method Detail
-
getDefaultInstance
public static SecuritySupport getDefaultInstance()
-
getKeyStores
public abstract KeyStore[] getKeyStores()
This method returns an array of keystores containing keys and certificates.
-
getTrustStores
public abstract KeyStore[] getTrustStores()
This method returns an array of truststores containing certificates.
-
getKeyStore
public abstract KeyStore getKeyStore(String token)
- Parameters:
token
- Returns:
- a keystore. If token is null, return the first keystore.
-
getTrustStore
public abstract KeyStore getTrustStore(String token)
- Parameters:
token
- Returns:
- a truststore. If token is null, return the first truststore.
-
getKeyManagers
public abstract KeyManager[] getKeyManagers(String algorithm) throws IOException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException
- Parameters:
algorithm
- Returns:
- KeyManagers for the specified algorithm.
- Throws:
IOException
KeyStoreException
NoSuchAlgorithmException
UnrecoverableKeyException
-
getTrustManagers
public abstract TrustManager[] getTrustManagers(String algorithm) throws IOException, KeyStoreException, NoSuchAlgorithmException
- Parameters:
algorithm
- Returns:
- TrustManagers for the specified algorithm.
- Throws:
IOException
KeyStoreException
NoSuchAlgorithmException
-
reset
public void reset()
Resets the security instance by effectively re-initializing it. This means the default keystores and truststores will be reloaded from their default locations (which may be configured by system properties, such as with the default SecuritySupport instance).
-
loadNullStore
public abstract KeyStore loadNullStore(String type, int index) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException
- Parameters:
type
index
- Returns:
- load a null keystore of given type.
- Throws:
KeyStoreException
IOException
NoSuchAlgorithmException
CertificateException
-
verifyMasterPassword
public abstract boolean verifyMasterPassword(char[] masterPass)
- Parameters:
masterPass
- Returns:
- result whether the given master password is correct.
-
getPrivateKeyForAlias
public abstract PrivateKey getPrivateKeyForAlias(String alias, int keystoreIndex) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException
Gets the PrivateKey for the specified alias from the corresponding keystore indicated by the index.
- Parameters:
alias - Alias for which the PrivateKey is desired.
keystoreIndex - Index of the keystore.
- Returns:
- Throws:
KeyStoreException
NoSuchAlgorithmException
UnrecoverableKeyException
-
getTokenNames
public abstract String[] getTokenNames()
This method returns an array of token names in order corresponding to the array of keystores.
-
synchronizeKeyFile
public abstract void synchronizeKeyFile(Object configContext, String fileRealmName) throws Exception
TODO:V3:Cluster ConfigContext is no longer present so find out what this needs to be
- Throws:
Exception
-
checkPermission
public abstract void checkPermission(String key)
Check permission for the given key.
- Parameters:
key